Bug 1384334
| Summary: | On an SSL enabled overcloud the Neutron api returns http URL | |||
|---|---|---|---|---|
| Product: | Red Hat OpenStack | Reporter: | Marius Cornea <mcornea> | |
| Component: | openstack-neutron | Assignee: | John Schwarz <jschwarz> | |
| Status: | CLOSED ERRATA | QA Contact: | Marius Cornea <mcornea> | |
| Severity: | high | Docs Contact: | ||
| Priority: | high | |||
| Version: | 10.0 (Newton) | CC: | amuller, chrisw, ddomingo, ihrachys, jschluet, jschwarz, mburns, mcornea, nkinder, nyechiel, oblaut, srevivo | |
| Target Milestone: | rc | Keywords: | Triaged | |
| Target Release: | 10.0 (Newton) | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | openstack-neutron-9.0.0-1.7.el7ost | Doc Type: | Bug Fix | |
| Doc Text: |
This release adds a HTTPProxyToWSGI middleware in front of the OpenStack Networking API to set up a request URL correctly in case a proxy (eg. HAProxy) is used between the client and server. This ensures that when a client uses SSL, the server recognizes this and responds using the correct protocol. Previously, using a proxy made it possible for the server to respond with HTTP (instead of HTTPS) even when a client used SSL.
|
Story Points: | --- | |
| Clone Of: | ||||
| : | 1384340 (view as bug list) | Environment: | ||
| Last Closed: | 2016-12-14 16:18:25 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 1384340 | |||
|
Description
Marius Cornea
2016-10-13 06:54:01 UTC
Testing fails with the current build. I believe in order to be able to verify this we also need a fix for BZ#1384340 which is still in NEW state. curl -s -H "X-Auth-Token: $OS_TOKEN" https://172.16.18.25:13696 | python -m json.tool { "versions": [ { "id": "v2.0", "links": [ { "href": "http://172.16.18.25:13696/v2.0", "rel": "self" } ], "status": "CURRENT" } ] } Marius, do you have a specific puppet patch on your mind? (In reply to Ihar Hrachyshka from comment #4) > Marius, do you have a specific puppet patch on your mind? Yes, it looks that this one fixes addresses the issue: https://review.openstack.org/#/c/400591/ Marius, puppet-tripleo doesn't have a patches branch. In other words, patches are automatically synced from upstream. Putting a needinfo on Mike Burns who I hear deals with the syncs. This has landed in the latest build and canbe verified:
{
"versions": [
{
"id": "v2.0",
"links": [
{
"href": "https://172.16.18.25:13696/v2.0",
"rel": "self"
}
],
"status": "CURRENT"
}
]
}
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHEA-2016-2948.html |